Skip to main content
DualMind Lab uses a split deployment: backend on Azure App Service, frontend and admin on Cloudflare Workers. Database is managed by Supabase.

Architecture overview

ComponentPlatformURL
Backend APIAzure App Servicehttps://api.dualmindlab.tech
FrontendCloudflare Workershttps://arena.dualmindlab.tech
Admin PanelCloudflare WorkersSeparate Workers project
DatabaseSupabase (hosted PostgreSQL)https://calqfzajyidkdzbaswjp.supabase.co

Backend deployment (Azure)

The backend auto-deploys via GitHub Actions on push to main:
# Trigger: push to main branch
# Steps: restore → build → publish → deploy to Azure App Service
This is the recommended deployment method. Every push to main triggers an automatic build and deploy.

Environment variables (Azure)

Set these in Azure App Service → Configuration → Application settings:
VariableRequiredDescription
SUPABASE_URLYesSupabase project URL
SUPABASE_SERVICE_ROLE_KEYYesService role key for DB access
JWT_SECRETYesJWT secret for token validation
GROQ_API_KEYOptionalGroq API key (overrides DB keys)
ASPNETCORE_ENVIRONMENTRecommendedSet to Production
Never store secrets in code or config files. Use Azure Application Settings or Key Vault.

Frontend deployment (Cloudflare Workers)

Prerequisites

  • Cloudflare account with Workers enabled
  • wrangler CLI authenticated (npx wrangler login)

Deploy

cd DualMind_UI
npx wrangler deploy

Configuration

Update config.js before deploying to ensure production URLs: 
// These should auto-detect, but verify:
// - apiBaseUrl resolves to 'https://api.dualmindlab.tech' in production
// - supabase.url and supabase.anonKey are set correctly
The Cloudflare Worker (worker.js) proxies /api/* requests to the backend and serves static files for everything else.

Admin panel deployment

cd DualMind_Admin-UI
npm run deploy       # staging
npm run deploy:prod  # production
Set BACKEND_URL in Cloudflare Workers environment: 
[env.production.vars]
BACKEND_URL = "https://api.dualmindlab.tech"

Supabase configuration

Required tables

Ensure all tables exist in the public schema. See Database Schema for complete definitions:
  • users, ai_models, threads, thread_messages
  • comparisons, model_votes, providers, provider_api_keys
  • system_settings

Row-Level Security (RLS)

If RLS is enabled on tables, ensure the service role key bypasses RLS or appropriate policies are in place. The backend uses the service role key which bypasses RLS by default.

Feature flags

Insert into system_settings: 
INSERT INTO system_settings (key, value) VALUES ('public_sharing', 'true');

Monitoring

Backend Logs

Azure App Service → Log Stream for real-time logs. Each request logs correlation ID, method, path, duration, and status code.

Health Checks

  • GET /health — basic API health
  • GET /api/health — alias endpoint
  • GET /api/arena/ping — arena subsystem

Swagger UI

Available at /swagger in all environments. Useful for quick API testing and exploration.
Use the X-Correlation-Id response header to trace requests across logs.